Cant renew certbot

muditha · September 25, 2021, 9:34am

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: hrm.adventa.com.au

I ran this command: certbot renew

It produced this output: Traceback (most recent call last): File "/usr/lib/python3/dist-packages/certbot/renewal.py", line 65, in _reconstitute renewal_candidate = storage.RenewableCert(full_path, config) File "/usr/lib/python3/dist-packages/certbot/storage.py", line 465, in init self._check_symlinks() File "/usr/lib/python3/dist-packages/certbot/storage.py", line 522, in _check_symlinks raise errors.CertStorageError( certbot.errors.CertStorageError: expected /etc/letsencrypt/lived/openproject.adventa.com.au/cert.pem to be a symlink Renewal configuration file /etc/letsencrypt/renewal/openproject.adventa.com.au.conf is broken. Skipping.

My web server is (include version): apache2

The operating system my web server runs on is (include version): ubuntu 20.4

My hosting provider, if applicable, is: digital ocean

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

rg305 · September 25, 2021, 1:13pm

Hi @muditha, welcome to the LE community forum

Please show the output of:
certbot --version

rg305 · September 25, 2021, 1:22pm

I find that path to be non-standard.

Let's also see the file:

muditha · September 25, 2021, 7:35pm

2021-09-26_1-04-32

Osiris · September 25, 2021, 8:09pm

@rg305 means the contents of the file.

Although this doesn't look like an Apache thing @rg305, the error comes from within certbot itself: someone messed up the renewal configuration file, probably by manually editing things and making an error.

@muditha Please show the contents of the file:

/etc/letsencrypt/renewal/openproject.adventa.com.au.conf

and also the output of:

ls -l /etc/letsencrypt/lived/openproject.adventa.com.au

and, just to be sure

ls -l /etc/letsencrypt/live/openproject.adventa.com.au

muditha · September 27, 2021, 4:54am

2021-09-27_10-00-12

muditha · September 27, 2021, 4:55am

2021-09-27_10-20-25

Osiris · September 27, 2021, 5:36am

For some reason your renewal configuration file uses the directory /lived/ instead of /live/? How did that happen? If you change it back to /live/, certbot is probably going to be fine again.

muditha · September 30, 2021, 11:46am

how to change it?

Osiris · September 30, 2021, 11:47am

The same way how /live/ was changed to /lived/ in the first place? Probably due to manual tampering, so probably manual intervention is required again.

muditha · October 1, 2021, 7:11am

thanks for the help guys. It's working now. I have deleted the SSL conf file and archive and reinstall

system · October 31, 2021, 7:11am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Certbot renewal failed after trying multiple options Help	23	2351	December 25, 2021
Certificate renew Help	6	522	May 12, 2023
Certbot renew giving error Help	15	1911	August 26, 2021
Can not renew certificate Help	24	600	November 30, 2023
Error renewing SSL Help	59	5658	January 31, 2021

Cant renew certbot

Related topics